Apparatus and method of detecting cache side-channel attack

ABSTRACT

Disclosed are an apparatus for detecting a cache side-channel attack which is capable of quickly detecting the cache side-channel attack in real time with high accuracy and a method thereof. The apparatus for detecting the cache side-channel attack may include a data collection unit that collects data from at least one of a core, an L1 cache, an L2 cache, and an L3 cache, respectively, and a data collection unit that collects data from at least one of a core, an L1 cache, an L2 cache, and an L3 cache, respectively.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims priority under 35 U.S.C. § 119 to Korean PatentApplication No. 10-2021-0052916 filed on Apr. 23, 2021, in the KoreanIntellectual Property Office, the disclosures of which are incorporatedby reference herein in their entireties.

BACKGROUND

Embodiments of the present disclosure described herein relate to anapparatus for detecting cache side-channel attack and a method thereof.

A central processing unit (CPU) uses a cache memory, which is atemporary storage medium, for high-speed processing of operations. Thecache memory may store various types of data that are frequently used,are determined to be used, or will be used soon in a process for runninga program, and may provide the stored data to the central processingunit in request. Therefore, the cache memory shortens data access timeand operation time, thereby enabling the central processing unit toquickly perform an operation processing.

A cache side-channel attack refers to unauthorized acquisition ofinformation from an attack target device by extracting and analyzingvarious traces (records, deletions, or the like) which occur in thecache memory according to an operation of the central processing unit.Various electronic devices, such as a desktop computer, a laptopcomputer, a server computer, a smartphone, or the like may be targetedfor the cache side-channel attack, and various information such as anencryption secret key, internet browser history, a firewall rule, apassword, or a mobile phone lock pattern may be targeted. The cacheside-channel attack includes Flush+Reload Attack and Prime+Abort Attack.The Flush+Reload Attack is a method in which an attacker deletes data inthe cache memory (a flush process) and then measures a time required foraccessing the deleted data (reload process) to obtain data on anexecution flow of an attack target device. The Prime+Abort Attack is amethod to allow an attacker to determine an execution flow of a targetusing a transaction abort hardware callback that occurs when an attackerwrites data to a cache group that an attacker wants to monitor (a primeprocess), and a victim removes data recorded by the attacker to load thedata into the cache (an abort process).

As described above, according to the cache side-channel attack,important secret data of the attack target device may be unauthorized,and thus detecting and blocking the cache side-channel attack isimportant in security of a hardware device. However, because a detailedsetting of the cache side-channel attack method is different dependingon the hardware or software to be attacked, even when the attack is ofthe same technique, phenomenon observed from the outside may bedifferent depending on the attack target. This not only means that ahigh degree of expertise is required for detection and determination ofwhether the cache side-channel attack exists, but it also means that itis difficult to expect highly accurate attack detection using only aconventional standardized method. In addition, depending on technique,the cache side-channel attack has little or no effect on the targetdevice, and the victim may not be able to perceive the attack. Further,even when the victim is able to perceive the attack, the attack isperformed for a very short time of several seconds or less, and thus itis very difficult to sense, detect, and respond to the attack.

SUMMARY

Embodiments of the present disclosure provide an apparatus for detectinga cache side-channel attack which enables rapid detection of a cacheside-channel attack in real time with high accuracy, and a method ofdetecting a cache side-channel attack.

To solve the above problems, an apparatus for detecting a cacheside-channel attack and a method of detecting a cache side-channelattack are provided.

According to an embodiment, an apparatus for detecting a cacheside-channel attack may include a data collection unit that collectsdata from at least one of a core, an L1 cache, an L2 cache, and an L3cache, respectively, and a data collection unit that collects data fromat least one of a core, an L1 cache, an L2 cache, and an L3 cache,respectively.

According to an embodiment, a method of detecting a cache side-channelattack may include collecting data from at least one of a core, an L1cache, an L2 cache, and an L3 cache, respectively, and obtaining adetection result corresponding to the data using at least one trainedlearning model.

BRIEF DESCRIPTION OF THE FIGURES

The above and other objects and features of the present disclosure willbecome apparent by describing in detail embodiments thereof withreference to the accompanying drawings.

FIG. 1 is a block diagram of an apparatus of detecting a cacheside-channel attack according to an embodiment;

FIG. 2 is a diagram illustrating an example of a process of collectingdata from a processor;

FIG. 3 is a diagram illustrating an example of a training process of alearning model;

FIG. 4 is a diagram illustrating an example of a detection process basedon a learning model; and

FIG. 5 is a flowchart illustrating an embodiment of a method ofdetecting a cache side-channel attack.

DETAILED DESCRIPTION

Disclosed hereinafter are exemplary embodiments of the presentinvention. Particular structural or functional descriptions provided forthe embodiments hereafter are intended merely to describe embodimentsaccording to the concept of the present invention. The embodiments arenot limited as to a particular embodiment.

Terms such as “first” and “second” may be used to describe various partsor elements, but the parts or elements should not be limited by theterms. The terms may be used to distinguish one element from anotherelement. For instance, a first element may be designated as a secondelement, and vice versa, while not departing from the extent of rightsaccording to the concepts of the present invention.

Unless otherwise clearly stated, when one element is described, forexample, as being “connected” or “coupled” to another element, theelements should be construed as being directly or indirectly linked(i.e., there may be an intermediate element between the elements).Similar interpretation should apply to such relational terms as“between”, “neighboring,” and “adjacent to.”

Terms used herein are used to describe a particular exemplary embodimentand should not be intended to limit the present invention. Unlessotherwise clearly stated, a singular term denotes and includes aplurality. Terms such as “including” and “having” also should not limitthe present invention to the features, numbers, steps, operations,subparts and elements, and combinations thereof, as described; othersmay exist, be added or modified. Existence and addition as to one ormore of features, numbers, steps, etc. should not be precluded.

Unless otherwise clearly stated, all of the terms used herein, includingscientific or technical terms, have meanings which are ordinarilyunderstood by a person skilled in the art. Terms, which are found anddefined in an ordinary dictionary, should be interpreted in accordancewith their usage in the art. Unless otherwise clearly defined herein,the terms are not interpreted in an ideal or overly formal manner.

Hereinafter, exemplary embodiments of the present disclosure will bedescribed in detail with reference to the accompanying drawings.However, the scope of the patent application is not confined or limitedby these embodiments. The same reference numerals in each drawingindicate the same members.

Hereinafter, an embodiment of an apparatus for detecting a cacheside-channel attack will be described with reference to FIGS. 1 to 4.

FIG. 1 is a block diagram of an apparatus of detecting a cacheside-channel attack according to an embodiment.

Referring to FIG. 1, an apparatus 100 for detecting a cache side-channelattack may include an input unit 101, an output unit 103, a storage unit105, and a processing unit 110. Here, at least two of the input unit101, the output unit 103, the storage unit 105, and the processing unit110 are provided to transmit data or instructions/commands to one sideor to each other through a cable or circuit line.

When necessary, at least one of the input unit 101, the output unit 103,and the storage unit 105 may be omitted.

The input unit 101 may receive data, instructions/commands, or programs(which are referred to as apps, applications, or software) from adesigner, user, or other external device (not shown), and may transmitthe received data, instructions/commands or programs to at least one ofthe storage unit 105 and the processing unit 110. For example, the inputunit 101 may receive an algorithm for a cache side-channel attack(hereinafter, referred to as a simulated attack) performed for traininga learning model 109, data thereof, and/or an instruction thereof. Also,the input unit 101 may receive at least one learning model (109 a ofFIG. 3 or 4) trained by another data processing unit (not shown). Theinput unit 101 may be provided integrally with the apparatus 100 fordetecting the cache side-channel attack or may be provided to bephysically separated. The input unit 101 may include a keyboard, amouse, a tablet, a pressure sensor, a motion sensor, a light sensor, atouch screen, a touch pad, a scanner, an image capturing module, amicrophone, a trackball and/or a trackpad, and the like, and may includea data input/output terminal capable of receiving data from a device (amemory device or the like), or a wired or wireless communication module(e.g., a LAN card, a short-range communication module, a mobilecommunication module, or the like) that is connected to other externaldevices through a wired or wireless communication network.

The output unit 103 is provided to output a processing result of theprocessing unit 110 to the outside. For example, the output unit 103visually or audibly outputs data on a detection process of the cacheside-channel attack by the processing unit 110, a detection result, or awarning message corresponding thereto, thereby being notified to anadministrator or user of the apparatus 100 for detecting the cacheside-channel attack, and/or transmitting the detection result or thewarning message to an external electronic device (e.g., a smart phone ora desktop computer). When necessary, the output unit 103 is capable oftransmitting the learning model 109 a trained by the processing unit 110to another external data processing unit (not shown, for example,another cache side-channel attack detection device). In this case, theanother external data processing unit may perform detection on the cacheside-channel attack through the same or some different method asdescribed later using the trained learning model 109 a received from theapparatus 100 for detecting the cache side-channel attack. The outputunit 103 may include a display device (a monitor device), a printerdevice, a speaker device, an image output terminal, a data input/outputterminal, a wired communication module, and/or a wireless communicationmodule, but is not limited thereto.

The storage unit 105 may temporarily or non-temporarily store at leastone data or program related to the apparatus 100 for detecting cacheside-channel attack. For example, the storage unit 105 may store thedetection result of the cache side-channel attack, the warning messagecorresponding to the detection result, a history of the detectionprocess, a pre-trained learning model 109, and/or the trained learningmodel 109 a. Here, the pre-trained learning model 109 and/or the trainedlearning model 109 a may be implemented based on at least one machinelearning model that a designer is capable of considering, such as amulti-layer perceptron, a support vector machine (SVM), and a deepneural network (DNN), a convolutional neural network (CNN), a recurrentneural network (RNN), a deep belief network (DBN), a deep Q-network, along and short term memory (LSTM), a generative adversarial network(GAN), and/or conditional GAN (cGAN). In addition, the storage unit 105may store at least one program to be driven by the processing unit 110to detect the cache side-channel attack. Here, the at least one programmay be implemented by singly or in combination with a performancecounter monitor (PCM) program and/or the pre-trained learning model 109or the trained learning model 109 a. The at least one program may be aseparate program specially designed to detect the cache side-channelattack, or may be a real-time attack detection program or a vaccineprogram designed and manufactured including a cache side-channel attackdetection operation. The at least one program may be directly written bya designer, and may be input, stored, or modified in the storage unit105, or may be obtained or updated through an electronic softwaredistribution network accessible through a wired or wirelesscommunication network.

The storage unit 105 may be implemented using at least one of a mainmemory device and an auxiliary memory device. Here, the main memorydevice may include a semiconductor storage medium such as ROM or RAM,and the auxiliary memory device may include at least one storage mediumcapable of permanently or semi-permanently storing data, such as a flashmemory device, a secure digital (SD) card, and a solid state drive(SSD), a hard disk drive (HDD), a compact disk (CD), a DVD, amagneto-optical disk, and/or a floppy disk.

The processing unit 110 is provided to detect the cache side-channelattack, and to obtain and output the detection result. In addition, theprocessing unit 110 may further perform training processing of thelearning model 109 to be used for detecting the channel side-channelattack. When necessary, the processing unit 110 may perform anoperation, determination, or control processing related to the overallor partial operation of the apparatus 100 for detecting cacheside-channel attack. In this case, the processing unit 110 may performthe above-described operation by simultaneously or sequentially drivingthe at least one program stored in the storage unit 105.

The processing unit 110 may include a central processing unit (CPU), amicrocontroller unit (MCU), a microprocessor (Micom), an applicationprocessor (AP), and an electronic control unit (ECU), and/or otherelectronic devices capable of processing various operations andgenerating control signals. These devices may be implemented using oneor more semiconductor chips.

According to an embodiment, the processing unit 110 may include a datacollection unit 120, a data processing unit 130, a training unit 132,and a detection unit 134, as shown in FIG. 1.

FIG. 2 is a diagram illustrating an example of a process of collectingdata from a processor.

The data collection unit 120 may collect and obtain at least one datanecessary for detection and determination of the cache side-channelattack, and may transmit the collected and obtained the at least onedata to at least one of the data processing unit 130, the training unit132, and the detection unit 134 directly or via another device.According to an embodiment, the data collection unit 120 may collectdata related to an operation of hardware such as a processor (e.g., acentral processing unit). Here, the processor may be provided to performoperations and functions of the data collection unit 120, the dataprocessing unit 130, the training unit 132, and/or the detection unit134. That is, the processor that is a data collection target of the datacollection unit 120 may be the processing unit 110, and in this case,the processing unit 110 (i.e., the data collection unit 120) collectsdata on its own activities. In addition, according to an embodiment, theprocessor that is the data collection target of the data collection unit120 may be one or more other processors (not shown) provided separatelyfrom the processing unit 110, and the processing unit 110 may collectdata on an operation of another processor from another processor.

As shown in FIG. 2, the processor which is the data collection targetmay include at least one core 91: 91-1, 91-2 for performingcalculation/processing, and at least one L1 cache 92: 92-1, 92-2corresponding to the at least one core 91: 91-1, 91-2, respectively. Inaddition, the processor which is the data collection target may furtherinclude at least one L2 cache 93: 93-1, 93-2 corresponding to the atleast one core 91: 91-1, 91-2, respectively. And the processor mayfurther include at least one L3 cache 94 corresponding to the pluralityof cores 91. The at least one L2 cache 93: 93-1, 93-2 or the at leastone L3 cache 94 may be provided integrally with a central processingunit, or may be provided physically separate. As described above, thedata collection unit 120 may obtain the data corresponding to theactivities from the at least one core 91: 91-1, 91-2, the at least oneL1 cache 92: 92-1, 92-2, the at least one L2 cache 93: 93-1, 93-2, andthe at least one L3 cache 94, and thus may collect data necessary fordetection and determination of the cache side-channel attack. When theplurality of cores 91: 91-1, 91-2 are provided, the data collection unit120 may obtain data corresponding to the activity of the hardware fromall of the plurality of cores 91: 91-1, 91-2 depending on a user'sselection or preset, or may obtain data corresponding to the activity ofthe hardware from some of the plurality of cores 91: 91-1, 91-2. In thesame way, when there are the plurality of L1 caches 92: 92-1, 92-2, theplurality of L2 caches 93: 93-1, 93-2, and/or the plurality of L3 caches94, the data collection unit 120 may obtain data from all L1 caches 92:92-1, 92-2, all L2 caches 93: 93-1, 93-2, and/or all L3 caches 94, ormay obtain data from some of the L1 caches 92: 92-1, 92-2, some of theL2 caches 93: 93-1, 93-2, and/or some of the L3 caches 94.

According to an embodiment, to collect data on the attack detection fromat least one of the cores 91: 91-1, 91-2, the L1 caches 92: 92-1, 92-2,the L2 cache 93: 93-1, 93-2, and the L3 cache 94, the data collectionunit 120 may include at least one of a hardware performance counter 121(HPC, referred to as a hardware counter) and a performance countermonitoring unit (PCM) 123. The hardware performance counter 121 may beprovided to record a value (e.g., a count result of the activity of thehardware) related to the activity of hardware such as a processor. Thehardware performance counter 121 may be implemented using a group ofregisters. Here, the group of registers may be specially prepared tostore a count result according to the operation, or may be embedded intoa processor such as a central processing unit. The number of registersin the group may vary depending on a type of processor or manufacturer.In addition, hardware-related activities include, for example, variousevents such as L1 cache miss, L2 cache miss, L3 cache miss, CPU cyclerate due to the L2 cache miss or L3 cache miss, L2 hit, L3 hit, datasize and/or branch prediction error read from or written to a memorycontroller. The performance counter monitoring unit 123 may analyze anactivity of a processor or the like. Specifically, for example, theperformance counter monitoring unit 123 may obtain values related to theactivity of the hardware for each core 91: 91-1, 91-2 using the valuestored in the hardware performance counter 121, may be converted into anumber that is capable of being checked by a user, or may form a graphbased on the obtained number. In addition, the performance countermonitoring unit 123 may generate and output the obtained values as datain a given format (e.g., a CSV format). The performance countermonitoring unit 123 may be implemented in hardware or software accordingto an embodiment, and may be omitted when necessary. The data obtainedby the hardware performance counter 121 or the performance countermonitoring unit 123 may be transmitted to the data processing unit 130.

Referring to FIG. 1, the data processing unit 130 may receive the datacollected by the data collection unit 120, and may process the receiveddata depending on a predefined or arbitrary setting by a user or adesigner, thereby obtaining the processed data. As an example, the dataprocessing unit 130 may analyze the data collected by the datacollection unit 120, and data collection unit 120 may select data ofhigh need or importance among the collected data, thereby enabling thedata collection unit 120 to process the collected data. In this case,unselected data may be removed as needed. According to an embodiment,the data processing unit 130 may obtain each field of data collected bythe data collection unit 120, and may perform a correlation analysisbetween each field and whether the attack is performed, thereby enablingdata to be selected in a field of high need or importance. For example,when a calculation result for the correlation between the data field andthe attack status exceeds a predefined threshold (e.g. 0.3), the data(s)of the data field may be selected, and data in other data fields may bedeleted, thereby obtaining the processed data. According to anembodiment, the data processing unit 130 may be omitted. The datacollected by the data collection unit 120 or the processed data obtainedby the data processing unit 130 may be transmitted to at least one ofthe training unit 132 and the detection unit 134.

FIG. 3 is a diagram illustrating an example of a training process of alearning model.

The training unit 132 may receive data from the data collection unit 120or the data processing unit 130, as shown in FIG. 3, and may performtraining on the learning model 109 based on the received data, therebyobtaining the trained learning model 109 a.

In more detail, for example, first, the data collection unit 120 maycollect data related to the activity of the hardware (hereinafter,referred to as a non-attack data d1) in absence of the attack, and maytransmit the non-attack data d1 to the data processing unit 130 or thetraining unit 132. The data processing unit 130 may select specific data(e.g., data of an important field) from the non-attack data d1 and maytransmit the selected data to the training unit 132. The training unit132 may input the non-attack data d1 or data selected from thenon-attack data d1 into the learning model 109, thereby training theleaning model 109 for the absence of the attack. In addition, preceding,following and/or simultaneously, the data collection unit 120 mayfurther collect data on the activity of the hardware under a simulatedattack (hereinafter, a simulated attack data, d2), and may transmit thecollected simulated attack data d2 to the data processing unit 130 orthe training unit 132. The data processing unit 130 may select data of aspecific field from the simulated attack data d2 in the same orpartially modified form as described above, and may transmit theselected data to the training unit 132. The data selected from thesimulated attack data d2 and the data selected from the non-attack datad1 may correspond to each other, and may be, for example, the same kindof data. The training unit 132 performs training on the learning model109 in a simulated attack situation based on the simulated attack datad2 or data selected from the simulated attack data d2. Through thisprocess, it is possible to obtain the trained learning model 109 a todetect the presence of the attack by grasping operation of the hardwarein the presence or absence of the attack. The trained learning model 109a may continuously be trained by repetitive input of the non-attack datad1 (or the data selected from the non-attack data d1) and/or thesimulated attack data d2 (or the data selected from the simulated attackdata d2). In addition, the trained learning model 109 a may be furthertrained in a process of detecting the cache side-channel attack, whichwill be described later.

According to an embodiment, the training unit 132 may train a pluralityof different learning models 109 from one another. Here, the pluralityof different learning models 109 may be implemented based onheterogeneous learning model(s), or may be implemented based on ahomogeneous learning model. For example, the training unit 132 may traineach of the plurality of learning models 109 using the non-attack datad1 (or the data selected from the non-attack data d1) and the simulatedattack data d2 (or the data selected from the simulated attack data d2).According to an embodiment, the training unit 132 may compare andevaluate each learning model 109 to select one or more learning models109 with excellent accuracy, and/or may sequentially determine and add aranking for each learning model 109 based on the accuracy (i.e., correctanswer rate for the non-attack or simulated attack) of each learningmodel 109 determined in the training process of each learning model 109.

FIG. 4 is a diagram illustrating an example of a detection process basedon a learning model.

Referring to FIG. 4, the detection unit 134 may receive data(hereinafter, referred to as a current data d3) for detecting whetherthe attack occurs from the data collection unit 120 or the dataprocessing unit 130, may detect whether the cache side-channel attackoccurs using the trained model 109 a, and may obtain the detectionresult 139.

Specifically, the data collection unit 120 may collect the current datad3 for the attack detection from at least one of the cores 91: 91-1,91-2, the L1 caches 92: 92-1, 92-2, the L2 cache 93, and the L3 cache 94and may transmit the current data d3 to the data processing unit 130 orto the training unit 132. The data processing unit 130 may process thecurrent data d3 and transmit it to the detection unit 134, and forexample, may select predetermined data, such as data of a field of highneed or importance, among the current data d3, and may transmit theselected data to the detection unit 134. According to an embodiment, thedata obtained by the data collection unit 120 or the data processingunit 130 may also be transmitted to the training unit 132. The detectionunit 134 may input the current data d3 obtained by the data collectionunit 120 or data selected by the data processing unit 130 among thecurrent data d3 into the trained learning model 109 a. The trainedlearning model 109 may obtain the detection result 139 corresponding tothe input data d3 based on the input data d3. Here, when the cacheside-channel attack exists in hardware such as a processor, the trainedlearning model 109 a outputs the detection result 139 indicating thatthe attack occurs in response to the input data d3. Conversely, whenthere is no cache side-channel attack in the hardware, different data d3from the case where the cache side-channel attack exists is input to thetrained learning model 109 a, and the learning model 109 a trained inresponse thereto outputs the detection result 139 that there is noattack. The training unit 132 may be omitted depending on embodiments,and in this case, the detection unit 134 may obtain the trained learningmodel 109 a from another data processing unit or memory device throughthe input unit 101.

As described above, because the detection unit 134 performs detectionbased on the learning model 109 a trained in advance, the entire processof detecting the cache side-channel attack may be processed before thecache side-channel attack ends, thereby enabling real-time detection ofthe cache side-channel attacks.

The above-described apparatus 100 for detecting the cache side-channelattack may be implemented using at least one data processing unittargeted for the cache side-channel attack depending on selection of adesigner or user and/or may be implemented using at least one other dataprocessing unit communicatively connected with the processor targetedfor the cache side-channel attack. Here, the at least one dataprocessing unit may include, for example, a desktop computer, a laptopcomputer, a smart phone, a tablet PC, a smart watch, a head mounteddisplay (HMD) device, a navigation device, a portable game machine, adigital television, a set-top box, home appliances (a refrigerator or arobot cleaner, etc.), an artificial intelligence sound reproducingdevice (an artificial intelligence speaker), a vehicle, a manned orunmanned aerial vehicle, a robot, industrial machinery, or an electronicbillboard, but are limited thereto. The above-described method ofdetecting the cache side-channel attack may be implemented in hardware,or various data processing units in which a program for theabove-described method of detecting the cache side-channel attack isinstalled and embedded may be applied to the above-described apparatus100 for detecting the cache side-channel attack according to thearbitrary selection of the designer or user.

Hereinafter, an embodiment of a method of detecting a cache side-channelattack will be described with reference to FIG. 5.

FIG. 5 is a flowchart illustrating an embodiment of a method ofdetecting a cache side-channel attack.

Referring to FIG. 5, first, at least one of non-attack data andsimulated attack data may be collected and obtained from hardware suchas a processor in 200. In this case, the non-attack data and thesimulated attack data may be sequentially or alternately collected.Here, the simulated attack for obtaining the simulated attack data maybe performed by a designer or a user. The non-attack data or simulatedattack data may be obtained from at least one of a core such as acentral processing unit, an L1 cache, an L2 cache, and an L3 cache, andwhen a plurality of cores, a plurality of L1 caches, a plurality of L2caches, and/or a plurality of L3 caches are provided in the device, andthe non-attack data or simulated attack data may be obtained from allcores, all L1 caches, all L2 caches and/or all L3 caches, or may beobtained from some cores, some L1 caches, some L2 cache, and/or some L3cache. Obtaining the non-attack data and/or simulated attack data may beperformed using a hardware performance counter (a group of registersspecially designed as an example), and may be additionally performedusing a predetermined program such as a performance counter monitoringunit when necessary.

The collected non-attack data and simulated attack data may be furtherprocessed as necessary in 202. For example, by analyzing all or some ofthe collected non-attack data and all or some of the simulated attackdata, respectively, data of high need or importance may be selected fromall or some of the non-attack data and all or some of the simulatedattack data, respectively. Selecting the data may also be performedbased on correlation analysis. The data processing process in 202 may beomitted depending on the embodiment.

The collected non-attack data and simulated attack data may be furtherprocessed as necessary in 202. For example, by analyzing all or some ofthe collected non-attack data and all or some of the simulated attackdata, respectively, data of high need or importance may be selected fromall or some of the non-attack data and all or some of the simulatedattack data, respectively. Selecting the data may also be performedbased on correlation analysis. The data processing process in 202 may beomitted depending on the embodiment.

The above-described processes from collection of the data to training ofthe learning model in 200 to 204, depending on situations, conditions ordesigner's arbitrary choice, may be performed first on the non-attackdata and then sequentially on the simulated attack data, may beperformed on the simulated attack data first and then sequentially onthe non-attack data, may be performed simultaneously on the non-attackdata and the simulated attack data, or may be performed arbitrarilyregardless of a type of data.

Current data is collected and obtained in 208. Collecting the currentdata may be performed in the same manner as the collection of thenon-attack data or simulated attack data described above, or throughsome different methods. For example, the current data may be obtainedfrom at least one core, at least one L1 cache, at least one L2 cache,and/or at least one L3 cache using a hardware performance counter orfurther using a performance counter monitoring unit.

The collected current data may also be processed in 210. When thenon-attack data or simulated attack data is processed and then is usedfor training a learning model, the current data collected in responsethereto may also be processed and may be used in the learning model.Processing the current data may include, for example, data selectionbased on correlation analysis.

Subsequently, the cache side-channel attack is detected using thecollected current data or processed current data in 212. Detecting thecache side-channel attack may be performed by applying the collectedcurrent data or processed current data to the learning model trained asdescribed above. Accordingly, whether there is the cache side-channelattack corresponding to the current data or processed current data isdetermined.

A detection result may be visually or audibly output to the outside, ormay be transmitted to other external electronic devices or displaydevices as needed in 214. In addition, the detection result may betemporarily or non-temporarily stored in a storage unit before output ortransmission.

The above-described processes from collection of the non-attackdata/simulated attack data to training of the learning model in 200 to204 and the above-described processes from collection of the currentdata to detection execution in 208 to 212 may be processed by the samedata processing unit according to an embodiment, or may be processed bydifferent data processing units. In this case, the different dataprocessing units may be communicatively connected, and one or more dataprocessing units may obtain the trained learning model by performing theprocesses from collection of the non-attack data/simulated attack datato training of the learning model in 200 to 204 and may transmit thetrained learning model to one or more other data processing units, andone or more other data processing units may perform the processes fromcollection of the above-described current data to detection in 208 to212 using the trained learning model.

The method of detecting the cache side-channel attack according to theabove-described embodiment may be implemented in a form of a programthat may be driven by a computer device. Here, the program may include aprogram command, a data file, a data structure, or the like alone or incombination. The program may be designed and produced using machine codeor high-level language code. The program may be specially designed toimplement the above-described method, or may be implemented usingvarious functions or definitions that are known and available to thoseof ordinary skill in a computer software field. In addition, here, thecomputer device may be implemented including a processor, a memory, andthe like that enable function of a program to be realized, and mayfurther include a communication device when necessary.

A program for implementing the above-described method of detecting thecache side-channel attack may be recorded in a computer-readablerecording medium. For example, the computer-readable recording mediummay include at least one type of physical device capable of storing aspecific program executed according to a call such as a computer, suchas a semiconductor storage device such as a solid state drive (SSD),ROM, RAM, or flash memory, a magnetic disk storage medium such as a harddisk or a floppy disk, an optical recording medium such as a compactdisk or a DVD, a magnetic-optical recording medium such as a flopticdisk, and a magnetic tape.

According to the apparatus for detecting the cache side-channel attackand the method of detecting the cache side-channel attack describedabove, the attack detection on the cache side-channel requiring lots ofexpertise and the long analysis time may be performed in the short timewith the high accuracy.

In addition, it is possible to easily and quickly cope with the attacksof various methods/types/processes, and accordingly, it is possible toappropriately detect and cope with the attacks based on the new method,thereby increasing the flexibility of the attack detection.

In addition, even when the system is not affected or perceived, not onlythe attack on the cache side-channel may be detected, but also theattack such as acquiring victim data for the short time may be quicklydetected and handled.

In addition, the data in the various electronic devices such as thecomputers or server devices used in the company, government office orinternet data center (IDC), the personal communication device, thepublic computer device, the POS device, the electronic device used inthe factory, the vehicle, the manned or unmanned aerial vehicle may besafely and reliably protected.

In addition, it may be applied to various platforms due to highportability.

Although various embodiments of the apparatus for detecting the cacheside-channel attack and the method thereof have been described above,the apparatus for detecting the cache side-channel attack and the methodthereof are not limited to the above-described embodiments. Variousapparatus or methods that are capable of being implemented by modifyingand revising based on the above-described embodiment by a person ofordinary skill in the art may also be an example of the above-describedapparatus for detecting the cache side-channel attack and the methodthereof. For example, although the described techniques are performed ina different order from the described method, and/or components such assystems, structures, devices, and circuits described are combined orassociated in a form different from the described method, or othercomponents or an equivalent is replaced or substituted, it may be anembodiment of the above-described apparatus for detecting the cacheside-channel attack and method thereof.

The device described above can be implemented as hardware elements,software elements, and/or a combination of hardware elements andsoftware elements. For example, the device and elements described withreference to the embodiments above can be implemented by using one ormore general-purpose computer or designated computer, examples of whichinclude a processor, a controller, an ALU (arithmetic logic unit), adigital signal processor, a microcomputer, an FPGA (field programmablegate array), a PLU (programmable logic unit), a microprocessor, and anyother device capable of executing and responding to instructions. Aprocessing device can be used to execute an operating system (OS) andone or more software applications that operate on the said operatingsystem. Also, the processing device can access, store, manipulate,process, and generate data in response to the execution of software.Although there are instances in which the description refers to a singleprocessing device for the sake of easier understanding, it should beobvious to the person having ordinary skill in the relevant field of artthat the processing device can include a multiple number of processingelements and/or multiple types of processing elements. In certainexamples, a processing device can include a multiple number ofprocessors or a single processor and a controller. Other processingconfigurations are also possible, such as parallel processors and thelike.

The software can include a computer program, code, instructions, or acombination of one or more of the above and can configure a processingdevice or instruct a processing device in an independent or collectivemanner. The software and/or data can be tangibly embodied permanently ortemporarily as a certain type of machine, component, physical equipment,virtual equipment, computer storage medium or device, or a transmittedsignal wave, to be interpreted by a processing device or to provideinstructions or data to a processing device. The software can bedistributed over a computer system that is connected via a network, tobe stored or executed in a distributed manner. The software and data canbe stored in one or more computer-readable recorded medium.

A method according to an embodiment of the invention can be implementedin the form of program instructions that may be performed using variouscomputer means and can be recorded in a computer-readable medium. Such acomputer-readable medium can include program instructions, data files,data structures, etc., alone or in combination. The program instructionsrecorded on the medium can be designed and configured specifically forthe present invention or can be a type of medium known to and used bythe skilled person in the field of computer software. Examples of acomputer-readable medium may include magnetic media such as hard disks,floppy disks, magnetic tapes, etc., optical media such as CD-ROM's,DVD's, etc., magneto-optical media such as floptical disks, etc., andhardware devices such as ROM, RAM, flash memory, etc., speciallydesigned to store and execute program instructions. Examples of theprogram instructions may include not only machine language codesproduced by a compiler but also high-level language codes that can beexecuted by a computer through the use of an interpreter, etc. Thehardware mentioned above can be made to operate as one or more softwaremodules that perform the actions of the embodiments of the invention andvice versa.

While the present invention is described above referencing a limitednumber of embodiments and drawings, those having ordinary skill in therelevant field of art would understand that various modifications andalterations can be derived from the descriptions set forth above. Forexample, similarly adequate results can be achieved even if thetechniques described above are performed in an order different from thatdisclosed, and/or if the elements of the system, structure, device,circuit, etc., are coupled or combined in a form different from thatdisclosed or are replaced or substituted by other elements orequivalents. Therefore, various other implementations, various otherembodiments, and equivalents of the invention disclosed in the claimsare encompassed by the scope of claims set forth below.

What is claimed is:
 1. An apparatus for detecting a cache side-channelattack, the apparatus comprising: a data collection unit configured tocollect data from at least one of a core, an L1 cache, an L2 cache, andan L3 cache, respectively; and a detector configured to obtain adetection result corresponding to the data using at least one trainedlearning model.
 2. The apparatus of claim 1, wherein The data collectionunit includes: a hardware performance counter that obtains and recordsdata on hardware activity from at least one of a core, an L1 cache, anL2 cache, and an L3 cache.
 3. The apparatus of claim 1, furthercomprising a data processing unit configured to process the data byperforming a correlation analysis on the data.
 4. The apparatus of claim1, further comprising a training unit configured to obtain the at leastone trained learning model by training at least one learning model usingthe data.
 5. The apparatus of claim 4, wherein the data includesnon-attack data obtained from at least one of the core, the L1 cache,the L2 cache, and the L3 cache in absence of the cache side-channelattack; and simulated attack data obtained from at least one of thecore, the L1 cache, the L2 cache, and the L3 cache in presence of asimulated attack.
 6. The apparatus of claim 4, wherein the at least onelearning model includes at least one machine learning model of amulti-layer perceptron, a support vector machine (SVM), a deep neuralnetwork (DNN), a convolutional neural network (CNN), and a recurrentneural network (RNN), a deep belief network (DBN), a deep Q-network, along short term memory (LSTM), a generative adversary neural network(GAN) and a conditional generative adversarial neural network (c GAN).7. A method of detecting a cache side-channel attack, the methodcomprising: collecting data from at least one of a core, an L1 cache, anL2 cache, and an L3 cache, respectively; and obtaining a detectionresult corresponding to the data using at least one trained learningmodel.
 8. The method of claim 7, wherein the collecting of the data fromthe at least one of the core, the L1 cache, the L2 cache, and the L3cache, respectively, includes obtaining and recording data on hardwareactivity from the at least one of the core, the L1 cache, the L2 cache,and the L3 cache.
 9. The method of claim 7, further comprisingprocessing the data by performing a correlation analysis on the data.10. The method of claim 7, further comprising training at least onelearning model using the data to obtain the at least one trainedlearning model.
 11. The method of claim 11, wherein the data includesnon-attack data obtained from at least one of the core, the L1 cache,the L2 cache, and the L3 cache in absence of the cache side-channelattack; and simulated attack data obtained from at least one of thecore, the L1 cache, the L2 cache, and the L3 cache in presence of asimulated attack.
 12. The method of claim 11, wherein the at least onelearning model includes at least one machine learning model of amulti-layer perceptron, a support vector machine, a deep neural network,a convolutional neural network, and a recurrent neural network, a deepbelief network, a deep Q-network, a long short term memory, a generativeadversary neural network and a conditional generative adversarial neuralnetwork.